Norton places big bet on Mac virtualization vulnerabilities

Thanks to Parallels and VMware, Mac users have powerful virtualization tools for running operating systems in addition to the one Apple installs on the factory floor. Since Windows is one of the most popular virtualized OSes on Apple's computers, security giant Norton felt it was time to try a new two-punch strategy on the Mac security market with Norton AntiVirus Dual Protection. Featuring both Norton AntiVirus 2008 for Windows and Norton AntiVirus 11 for Mac OS X, as well as the typical one-year subscription for virus updates, the company believes it's the right time for some users to take another look at security on the Mac.

There are some decent reasons behind Norton's targeting of the Mac virtualization crowd. For example, both Parallels' and VMware's virtualization products can enable Windows VMs to access a Home folder in Mac OS X, a directory that stores much of a user's data like contacts, personal data, passwords (encrypted, of course), and more. While we haven't heard any reports of a virus striking a Windows VM and taking advantage of this Mac OS X directory access, it certainly is theoretically possible. There are also products like MacDrive which can grant read/write access of an entire Mac-formatted volume to versions of Windows from 98 on. Both of these situations could bring a Mac's OS X boot volume into the sights of a malicious application.

Beyond users of virtualization apps, however, there is a case to be made for Mac users to at least consider looking at security products. There haven't been any wide-spread, run-for-the-hills cases of viruses or self-perpetuating trojans for Mac OS X yet, but Mac users should think about discarding the "What, me worry?" attitude towards security they have cultivated. Past events like the 9805 AutoStart worm that overwrote system data, the Word 2004 demo trojan that wiped out a user's entire Home folder with (ironically) a legitimate Terminal command, last year's Month of Apple Bugs, and the recent trojan disguised as a QuickTime codec download are arguably neglected reminders of the less-than-bulletproof reputation of Mac OS X.

Is this a sight Mac users need to grow accustomed to?

Of course, Mac OS X is still a fairly secure OS on the whole. While Apple has occasionally lagged when it comes to fixing vulnerabilities, it generally moves fairly swiftly with releasing small, but frequent security updates to hammer out the dings in Mac OS X's armor. Some may continue to cling to the "security through obscurity" argument, and users who aren't virtualizing Windows will remain immune to Windows-specific exploit. Still, times always change (as do market shares), and Norton's new dual-platform virus protection is a sign that at least a portion of the market should think a bit more closely about security when playing on both sides of the fence.